class models.User
User
objects have the following fields:
-
username
-
Required. 150 characters or fewer. Usernames may contain alphanumeric,
_
,@
,+
,.
and-
characters.The
max_length
should be sufficient for many use cases. If you need a longer length, please use a custom user model. If you use MySQL with theutf8mb4
encoding (recommended for proper Unicode support), specify at mostmax_length=191
because MySQL can only create unique indexes with 191 characters in that case by default.Usernames and Unicode
Django originally accepted only ASCII letters in usernames. Although it wasn’t a deliberate choice, Unicode characters have always been accepted when using Python 3. Django 1.10 officially added Unicode support in usernames, keeping the ASCII-only behavior on Python 2, with the option to customize the behavior using
User.username_validator
.Changed in Django 1.10:The
max_length
increased from 30 to 150 characters.
-
first_name
-
Optional. 30 characters or fewer.
-
last_name
-
Optional. 30 characters or fewer.
-
email
-
Optional. Email address.
-
password
-
Required. A hash of, and metadata about, the password. (Django doesn’t store the raw password.) Raw passwords can be arbitrarily long and can contain any character. See the password documentation.
-
groups
-
Many-to-many relationship to
Group
-
user_permissions
-
Many-to-many relationship to
Permission
-
is_staff
-
Boolean. Designates whether this user can access the admin site.
-
is_active
-
Boolean. Designates whether this user account should be considered active. We recommend that you set this flag to
False
instead of deleting accounts; that way, if your applications have any foreign keys to users, the foreign keys won’t break.This doesn’t necessarily control whether or not the user can log in. Authentication backends aren’t required to check for the
is_active
flag but the default backend (ModelBackend
) and theRemoteUserBackend
do. You can useAllowAllUsersModelBackend
orAllowAllUsersRemoteUserBackend
if you want to allow inactive users to login. In this case, you’ll also want to customize theAuthenticationForm
used by thelogin()
view as it rejects inactive users. Be aware that the permission-checking methods such ashas_perm()
and the authentication in the Django admin all returnFalse
for inactive users.Changed in Django 1.10:In older versions,
ModelBackend
andRemoteUserBackend
allowed inactive users to authenticate.
-
is_superuser
-
Boolean. Designates that this user has all permissions without explicitly assigning them.
-
last_login
-
A datetime of the user’s last login.
-
date_joined
-
A datetime designating when the account was created. Is set to the current date/time by default when the account is created.
Please login to continue.